admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 10:41:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2022/CVE-2022-1026.md

22 lines
1.1 KiB
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2022-1026](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1026)
![](https://img.shields.io/static/v1?label=Product&message=Multifunction%20Printer%20Net%20Viewer&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=2S0_1000.005.0012S5_2000.002.505%3C%3D%202S0_1000.005.0012S5_2000.002.505%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-522%20Insufficiently%20Protected%20Credentials&color=brighgreen)
### Description
Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.
### POC
#### Reference
- https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/
#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ac3lives/kyocera-cve-2022-1026
- https://github.com/flamebarke/nmap-printer-nse-scripts
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/zanezhub/CVE-2022-1015-1016
Reference in New Issue Copy Permalink